net_reader: no STARTTLS for IMAP localhost or onions

[public-inbox.git] / lib / PublicInbox / NetReader.pm

diff --git a/lib/PublicInbox/NetReader.pm b/lib/PublicInbox/NetReader.pm
index 236e824cd26d48ec2326b97455b139d0b5841a65..e305523e300b16c2b32b59442ecadf44be683c02 100644 (file)
--- a/lib/PublicInbox/NetReader.pm
+++ b/lib/PublicInbox/NetReader.pm
@@ -91,6 +91,16 @@ try configuring a socks5h:// proxy:
 EOM
 }
 
+# Net::NNTP doesn't support CAPABILITIES, yet; and both IMAP+NNTP
+# servers may have multiple listen sockets.
+sub try_starttls ($) {
+       my ($host) = @_;
+       return if $host =~ /\.onion\z/si;
+       return if $host =~ /\A127\.[0-9]+\.[0-9]+\.[0-9]+\z/s;
+       return if $host eq '::1';
+       1;
+}
+
 # mic_for may prompt the user and store auth info, prepares mic_get
 sub mic_for ($$$$) { # mic = Mail::IMAPClient
        my ($self, $uri, $mic_common, $lei) = @_;
@@ -122,6 +132,7 @@ sub mic_for ($$$$) { # mic = Mail::IMAPClient
        # it to be disabled since I usually connect to localhost
        if (!$mic_arg->{Ssl} && !defined($mic_arg->{Starttls}) &&
                        $mic->has_capability('STARTTLS') &&
+                       try_starttls($host) &&
                        $mic->can('starttls')) {
                $mic->starttls or die "E: <$uri> STARTTLS: $@\n";
        }
@@ -164,15 +175,6 @@ sub mic_for ($$$$) { # mic = Mail::IMAPClient
        $mic;
 }
 
-# Net::NNTP doesn't support CAPABILITIES, yet
-sub try_starttls ($) {
-       my ($host) = @_;
-       return if $host =~ /\.onion\z/s;
-       return if $host =~ /\A127\.[0-9]+\.[0-9]+\.[0-9]+\z/s;
-       return if $host eq '::1';
-       1;
-}
-
 sub nn_new ($$$) {
        my ($nn_arg, $nntp_cfg, $uri) = @_;
        my $nn;